LetterStream MFA (Multi Factor Authentication)

Getting Started

LetterStream provides Multifactor Authentication (MFA). This article explains how MFA works with LetterStream, how verification codes are delivered, how the “Remember Me” feature works, when MFA is required, benefits to having MFA enabled, and what to expect during login or password reset.

What Is MFA?

Multi-Factor Authentication (MFA) adds an extra layer of security to your LetterStream account and is enabled by default.

After entering your username and password, you’ll be asked to enter a one-time verification code that was sent to the email address linked to the account. This helps protect your account, even if someone else knows your password.

Disabling MFA

At this time, MFA cannot be disabled. MFA offers an additional and important layer of security to your account and helps to prevent unauthorized account access, protect mailing activity, documentation, and billing information.

Accounts with a high volume of users

If you have a high volume of users needing to access the account, we highly recommend providing employees with their own login. Or you could also consider using 5-10 shared accounts based on department-level access (for example: underwriting, accounting, operations, etc.).

This usually keeps the number of logins manageable while still allowing individuals to receive MFA codes to the email address they have access to.

Best Practices

Beyond MFA, we recommend the following best practices to maintain account security:

Don't share your login credentials
Assign at least one additional trusted user to your account with their own login credentials
Always use a strong, unique password
Encourage all users practice strong passwords
Ensure your account email addresses are current and active

How You Receive Your Verification Code

Default method: Email
If your valid mobile phone number is on file, you may have the option to receive the code by phone.

You can select the available delivery option shown on the screen.

Verification codes expire 5 minutes after being sent.
If your code expires, you must request a new one.
If you did not receive a code, you can choose the option to resend it.

Remember Me Option

Our system will occasionally require a new MFA verification for security purposes. The “remember this device” or "remember me" option is automatically enabled on our side, so it does not continue to re-appear during every login attempt.

If you are prompted for MFA at every login or somewhat frequently, it is likely due to security settings configured by you or your organization that require stricter authentication practices.

Some things that can cause frequent MFA requests are:

Logging in from a different device
Your IP address changes
Using a VPN
A different user logs in on the same device
A different user logs in on another device
A user has login credentials but does not have access to the associated email address
Your verification code expires before it is entered

These situations can be normal and help ensure the security of your account. Other situations such as users utilizing login credentials that don't belong to them, aka shared login credentials, can be resolved by creating a unique login for each user specific to them.

Admin Controls

Administrators can reset (force new request) MFA for a user, which requires verification at the next login.

MFA During Password Reset

MFA verification is also required during a password reset. In this case, after you request a new password:

A verification code will be sent to you.
Enter the code on the verification screen.
Submit the code to continue resetting your password.

This ensures your account remains secure during the reset process.

Benefits of Multi-Factor Authentication (MFA)

MFA provides lots of benefits, such as;

Additional layer of security
Helps to protect account information, funds, data, and available funds
Helps manage accounts for larger teams with multiple users by preventing former employees from continuing to access the account, even if they know the login credentials.

While MFA adds a small extra step during login, it significantly improves overall account security and helps organizations maintain better access control.